package net.shibboleth.utilities.java.support.httpclient;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.client.protocol.RequestAcceptEncoding;
import org.apache.http.client.protocol.ResponseContentEncoding;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.scheme.SchemeSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.HttpParams;

/* loaded from: input_file:net/shibboleth/utilities/java/support/httpclient/HttpClientBuilder.class */
public class HttpClientBuilder {
    private InetAddress socketLocalAddress;
    private int socketTimeout;
    private int socketBufferSize;
    private int connectionTimeout;
    private boolean connectionDisregardSslCertificate;
    private boolean connectionCloseAfterResponse;
    private boolean connectionStalecheck;
    private int connectionsMaxTotal;
    private int connectionsMaxPerRoute;
    private String connectionProxyHost;
    private int connectionProxyPort;
    private String connectionProxyUsername;
    private String connectionProxyPassword;
    private boolean httpFollowRedirects;
    private String httpContentCharSet;

    public HttpClientBuilder() {
        resetDefaults();
    }

    public void resetDefaults() {
        this.socketLocalAddress = null;
        this.socketTimeout = 5000;
        this.socketBufferSize = 8192;
        this.connectionTimeout = 5000;
        this.connectionDisregardSslCertificate = false;
        this.connectionCloseAfterResponse = true;
        this.connectionStalecheck = false;
        this.connectionsMaxTotal = 20;
        this.connectionsMaxPerRoute = 2;
        this.connectionProxyHost = null;
        this.connectionProxyPort = 8080;
        this.connectionProxyUsername = null;
        this.connectionProxyPassword = null;
        this.httpFollowRedirects = true;
        this.httpContentCharSet = "UTF-8";
    }

    public InetAddress getSocketLocalAddress() {
        return this.socketLocalAddress;
    }

    public void setSocketLocalAddress(InetAddress inetAddress) {
        this.socketLocalAddress = inetAddress;
    }

    public void setSocketLocalAddress(String str) throws UnknownHostException {
        this.socketLocalAddress = InetAddress.getByName((String) Constraint.isNotNull(str, "IP or hostname may not be null"));
    }

    public int getSocketTimeout() {
        return this.socketTimeout;
    }

    public void setSocketTimeout(int i) {
        this.socketTimeout = i;
    }

    public int getSocketBufferSize() {
        return this.socketBufferSize;
    }

    public void setSocketBufferSize(int i) {
        this.socketBufferSize = (int) Constraint.isGreaterThan(0L, i, "Socket buffer size must be greater than 0");
    }

    public int getConnectionTimeout() {
        return this.connectionTimeout;
    }

    public void setConnectionTimeout(int i) {
        this.connectionTimeout = i;
    }

    public boolean isConnectionDisregardSslCertificate() {
        return this.connectionDisregardSslCertificate;
    }

    public void setConnectionDisregardSslCertificate(boolean z) {
        this.connectionDisregardSslCertificate = z;
    }

    public boolean isConnectionCloseAfterResponse() {
        return this.connectionCloseAfterResponse;
    }

    public void setConnectionCloseAfterResponse(boolean z) {
        this.connectionCloseAfterResponse = z;
    }

    public boolean isConnectionStalecheck() {
        return this.connectionStalecheck;
    }

    public void setConnectionStalecheck(boolean z) {
        this.connectionStalecheck = z;
    }

    public int getConnectionsMaxTotal() {
        return this.connectionsMaxTotal;
    }

    public void setConnectionsMaxTotal(int i) {
        this.connectionsMaxTotal = (int) Constraint.isGreaterThan(0L, i, "Max total connections must be greater than 0");
    }

    public int getConnectionsMaxPerRoute() {
        return this.connectionsMaxPerRoute;
    }

    public void setConnectionsMaxPerRoute(int i) {
        this.connectionsMaxPerRoute = (int) Constraint.isGreaterThan(0L, i, "Max connections per route must be greater than zero");
    }

    public String getConnectionProxyHost() {
        return this.connectionProxyHost;
    }

    public void setConnectionProxyHost(String str) {
        this.connectionProxyHost = StringSupport.trimOrNull(str);
    }

    public int getConnectionProxyPort() {
        return this.connectionProxyPort;
    }

    public void setConnectionProxyPort(int i) {
        this.connectionProxyPort = (int) Constraint.numberInRangeExclusive(0L, 65536L, i, "Proxy port must be between 0 and 65536, exclusive");
    }

    public String getConnectionProxyUsername() {
        return this.connectionProxyUsername;
    }

    public void setConnectionProxyUsername(String str) {
        this.connectionProxyUsername = str;
    }

    public String getConnectionProxyPassword() {
        return this.connectionProxyPassword;
    }

    public void setConnectionProxyPassword(String str) {
        this.connectionProxyPassword = str;
    }

    public boolean isHttpFollowRedirects() {
        return this.httpFollowRedirects;
    }

    public void setHttpFollowRedirects(boolean z) {
        this.httpFollowRedirects = z;
    }

    public String getHttpContentCharSet() {
        return this.httpContentCharSet;
    }

    public void setHttpContentCharSet(String str) {
        this.httpContentCharSet = str;
    }

    public HttpClient buildClient() {
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient(buildConnectionManager());
        defaultHttpClient.addRequestInterceptor(new RequestAcceptEncoding());
        if (this.connectionCloseAfterResponse) {
            defaultHttpClient.addRequestInterceptor(new RequestConnectionClose());
        }
        defaultHttpClient.addResponseInterceptor(new ResponseContentEncoding());
        HttpParams params = defaultHttpClient.getParams();
        if (this.socketLocalAddress != null) {
            params.setParameter("http.route.local-address", this.socketLocalAddress);
        }
        if (this.socketTimeout > 0) {
            params.setIntParameter("http.socket.timeout", this.socketTimeout);
        }
        params.setIntParameter("http.socket.buffer-size", this.socketBufferSize);
        if (this.connectionTimeout > 0) {
            params.setIntParameter("http.connection.timeout", this.connectionTimeout);
        }
        params.setBooleanParameter("http.connection.stalecheck", this.connectionStalecheck);
        if (this.connectionProxyHost != null) {
            params.setParameter("http.route.default-proxy", new HttpHost(this.connectionProxyHost, this.connectionProxyPort));
            if (this.connectionProxyUsername != null && this.connectionProxyPassword != null) {
                defaultHttpClient.getCredentialsProvider().setCredentials(new AuthScope(this.connectionProxyHost, this.connectionProxyPort), new UsernamePasswordCredentials(this.connectionProxyUsername, this.connectionProxyPassword));
            }
        }
        params.setBooleanParameter("http.protocol.handle-redirects", this.httpFollowRedirects);
        params.setParameter("http.protocol.content-charset", this.httpContentCharSet);
        return defaultHttpClient;
    }

    private ClientConnectionManager buildConnectionManager() {
        ThreadSafeClientConnManager threadSafeClientConnManager = new ThreadSafeClientConnManager(buildSchemeRegistry());
        threadSafeClientConnManager.setDefaultMaxPerRoute(this.connectionsMaxPerRoute);
        threadSafeClientConnManager.setMaxTotal(this.connectionsMaxTotal);
        return threadSafeClientConnManager;
    }

    private SchemeRegistry buildSchemeRegistry() {
        SSLSocketFactory sSLSocketFactory;
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("http", 80, (SchemeSocketFactory) PlainSocketFactory.getSocketFactory()));
        if (this.connectionDisregardSslCertificate) {
            X509TrustManager x509TrustManager = new X509TrustManager() { // from class: net.shibboleth.utilities.java.support.httpclient.HttpClientBuilder.1
                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }
            };
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
                sSLSocketFactory = new SSLSocketFactory(sSLContext);
            } catch (KeyManagementException e) {
                throw new RuntimeException("Some how the trust everything trust manager didn't trust everything", e);
            } catch (NoSuchAlgorithmException e2) {
                throw new RuntimeException("TLS SSLContext type is required to be supported by the JVM but is not", e2);
            }
        } else {
            sSLSocketFactory = SSLSocketFactory.getSocketFactory();
        }
        schemeRegistry.register(new Scheme("https", 443, (SchemeSocketFactory) sSLSocketFactory));
        return schemeRegistry;
    }
}
